77
88import pytest
99from django .contrib .auth .models import User
10- from api .models import APIUser
1110
1211from utils .test_helpers import solr_test_profiles as tp
1312
2423# assemble_test_records
2524# do_filter_search
2625# get_found_ids
26+ # apiuser_with_custom_defaults
2727
2828
2929# API_ROOT: Base URL for the API we're testing.
@@ -1950,16 +1950,18 @@ def _assemble_api_test_records(profile, id_field, test_data):
19501950
19511951@pytest .mark .django_db
19521952def test_apiusers_authenticated_requests (api_client ,
1953+ apiuser_with_custom_defaults ,
19531954 simple_sig_auth_credentials ,
19541955 assert_obj_fields_match_serializer ):
19551956 """
19561957 The apiusers resource requires authentication to access; users that
19571958 can authenticate can view the apiusers list and details of a single
19581959 apiuser. Authentication must be renewed after each request.
19591960 """
1960- api_user = APIUser .objects .create_user ('test' , 'secret' , password = 'pw' ,
1961- email = 'test@test.com' ,
1962- first_name = 'F' , last_name = 'Last' )
1961+ test_cls = apiuser_with_custom_defaults ()
1962+ api_user = test_cls .objects .create_user ('test' , 'secret' , password = 'pw' ,
1963+ email = 'test@test.com' ,
1964+ first_name = 'F' , last_name = 'Last' )
19631965 api_client .credentials (** simple_sig_auth_credentials (api_user ))
19641966 list_resp = api_client .get ('{}apiusers/' .format (API_ROOT ))
19651967 assert list_resp .status_code == 200
@@ -1972,14 +1974,16 @@ def test_apiusers_authenticated_requests(api_client,
19721974
19731975@pytest .mark .django_db
19741976def test_apiusers_not_django_users (model_instance , api_client ,
1977+ apiuser_with_custom_defaults ,
19751978 simple_sig_auth_credentials ):
19761979 """
19771980 Django Users that don't have associated APIUsers records should
19781981 not appear in the list of apiusers.
19791982 """
1980- api_user = APIUser .objects .create_user ('test' , 'secret' , password = 'pw' ,
1981- email = 'test@test.com' ,
1982- first_name = 'F' , last_name = 'Last' )
1983+ test_cls = apiuser_with_custom_defaults ()
1984+ api_user = test_cls .objects .create_user ('test' , 'secret' , password = 'pw' ,
1985+ email = 'test@test.com' ,
1986+ first_name = 'F' , last_name = 'Last' )
19831987 user = model_instance (User , 'bob' , 'bob@bob.com' , 'bobpassword' )
19841988 api_client .credentials (** simple_sig_auth_credentials (api_user ))
19851989 response = api_client .get ('{}apiusers/' .format (API_ROOT ))
@@ -1989,14 +1993,16 @@ def test_apiusers_not_django_users(model_instance, api_client,
19891993
19901994
19911995@pytest .mark .django_db
1992- def test_apiusers_unauthenticated_requests_fail (api_client ):
1996+ def test_apiusers_unauthenticated_requests_fail (api_client ,
1997+ apiuser_with_custom_defaults ):
19931998 """
19941999 Requesting an apiuser list or detail view without providing any
19952000 authentication credentials should result in a 403 error.
19962001 """
1997- api_user = APIUser .objects .create_user ('test' , 'secret' , password = 'pw' ,
1998- email = 'test@test.com' ,
1999- first_name = 'F' , last_name = 'Last' )
2002+ test_cls = apiuser_with_custom_defaults ()
2003+ api_user = test_cls .objects .create_user ('test' , 'secret' , password = 'pw' ,
2004+ email = 'test@test.com' ,
2005+ first_name = 'F' , last_name = 'Last' )
20002006 list_resp = api_client .get ('{}apiusers/' .format (API_ROOT ))
20012007 detail_resp = api_client .get ('{}apiusers/test' .format (API_ROOT ))
20022008 assert list_resp .status_code == 403
@@ -2005,17 +2011,19 @@ def test_apiusers_unauthenticated_requests_fail(api_client):
20052011
20062012@pytest .mark .django_db
20072013def test_apiusers_wrong_username_requests_fail (api_client ,
2014+ apiuser_with_custom_defaults ,
20082015 simple_sig_auth_credentials ):
20092016 """
20102017 Providing an incorrect username/password pair in authentication
20112018 headers results in a 403 error.
20122019 """
2013- api_user1 = APIUser .objects .create_user ('test' , 'secret' , password = 'pw' ,
2014- email = 'test@test.com' ,
2015- first_name = 'F' , last_name = 'Last' )
2016- api_user2 = APIUser .objects .create_user ('test2' , 'secret' , password = 'pw2' ,
2017- email = 'test2@test.com' ,
2018- first_name = 'G' , last_name = 'Last' )
2020+ test_cls = apiuser_with_custom_defaults ()
2021+ api_user1 = test_cls .objects .create_user ('test' , 'secret' , password = 'pw' ,
2022+ email = 'test@test.com' ,
2023+ first_name = 'F' , last_name = 'Last' )
2024+ api_user2 = test_cls .objects .create_user ('test2' , 'secret' , password = 'pw2' ,
2025+ email = 'test2@test.com' ,
2026+ first_name = 'G' , last_name = 'Last' )
20192027 credentials = simple_sig_auth_credentials (api_user1 )
20202028 credentials ['HTTP_X_USERNAME' ] = 'test2'
20212029 api_client .credentials (** credentials )
@@ -2025,15 +2033,17 @@ def test_apiusers_wrong_username_requests_fail(api_client,
20252033
20262034@pytest .mark .django_db
20272035def test_apiusers_repeated_requests_fail (api_client ,
2036+ apiuser_with_custom_defaults ,
20282037 simple_sig_auth_credentials ):
20292038 """
20302039 Attempting to beat apiusers authentication by submitting multiple
20312040 requests without renewing credentials should result in a 403 error
20322041 on the second request.
20332042 """
2034- api_user = APIUser .objects .create_user ('test' , 'secret' , password = 'pw' ,
2035- email = 'test@test.com' ,
2036- first_name = 'F' , last_name = 'Last' )
2043+ test_cls = apiuser_with_custom_defaults ()
2044+ api_user = test_cls .objects .create_user ('test' , 'secret' , password = 'pw' ,
2045+ email = 'test@test.com' ,
2046+ first_name = 'F' , last_name = 'Last' )
20372047 api_client .credentials (** simple_sig_auth_credentials (api_user ))
20382048 resp_one = api_client .get ('{}apiusers/' .format (API_ROOT ))
20392049 resp_two = api_client .get ('{}apiusers/' .format (API_ROOT ))
0 commit comments